Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/a8947f-e52c-4de1-bade-70c0a506d797/1/YO-z1xU6OckcJVV4Srz_Hc7c7Qo.roa
File: YO-z1xU6OckcJVV4Srz_Hc7c7Qo.roa (raw, json)
Hash identifier: 9BxT7F1iwowacFoFZaZGmWi2lJ3ShdNCC6LgO9QgwGY=
Subject key identifier: 60:EF:B3:D7:15:3A:39:C9:1C:25:55:78:4A:BC:FF:1D:CE:DC:ED:0A
Certificate issuer: /CN=02b980c10d7110f91fff9e0eceb639d9e75b35e2
Certificate serial: 018CC8DF808FEC6ABAA990E156649288E044
Authority key identifier: 02:B9:80:C1:0D:71:10:F9:1F:FF:9E:0E:CE:B6:39:D9:E7:5B:35:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ArmAwQ1xEPkf_54OzrY52edbNeI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/a8947f-e52c-4de1-bade-70c0a506d797/1/YO-z1xU6OckcJVV4Srz_Hc7c7Qo.roa
Signing time: Tue 02 Jan 2024 06:32:19 +0000
ROA not before: Tue 02 Jan 2024 06:32:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 193.111.200.0/24 maxlen: 24
109.224.233.0/24 maxlen: 24
195.74.60.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cf/a8947f-e52c-4de1-bade-70c0a506d797/1/ArmAwQ1xEPkf_54OzrY52edbNeI.crl
rsync://rpki.ripe.net/repository/DEFAULT/cf/a8947f-e52c-4de1-bade-70c0a506d797/1/ArmAwQ1xEPkf_54OzrY52edbNeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/ArmAwQ1xEPkf_54OzrY52edbNeI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 02 May 2024 23:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:80:8f:ec:6a:ba:a9:90:e1:56:64:92:88:e0:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=02b980c10d7110f91fff9e0eceb639d9e75b35e2
Validity
Not Before: Jan 2 06:32:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=60efb3d7153a39c91c2555784abcff1dcedced0a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:64:25:2a:55:78:eb:64:60:62:b8:ff:89:6c:
aa:36:b6:95:6c:bf:fe:57:b6:86:5d:a4:3f:c0:15:
30:8f:b8:f1:6d:e4:f9:61:e5:36:29:6b:75:bb:f8:
66:36:e8:ea:5b:33:1d:03:13:f9:9f:6d:58:e9:15:
22:3b:2e:25:fa:bd:2c:f2:ce:6c:e9:99:21:97:7a:
6f:aa:2e:f5:9c:8e:89:25:1a:ee:67:72:2f:0e:15:
63:10:7f:95:22:5c:53:7b:04:c9:c2:1d:77:9c:ec:
2d:25:81:1b:0d:ab:4a:6c:6a:f3:00:72:7a:a4:35:
b9:45:a7:b7:fa:a3:2d:ce:24:a5:da:34:49:12:26:
22:4b:f7:06:bf:73:6c:d2:e6:00:a6:6c:12:68:5a:
b3:2d:7f:39:27:14:d5:d7:bc:58:67:b9:d6:d1:1d:
36:83:a7:1c:ba:98:ad:b3:5b:8c:29:d2:a0:ba:e5:
61:51:08:30:00:25:02:08:b5:5f:f3:da:b5:6f:14:
bd:ce:32:35:e1:74:9a:3d:01:17:a5:94:31:52:80:
e5:ba:af:c6:22:20:0d:a8:ee:11:8c:67:2b:d9:07:
c7:8b:9c:eb:61:c2:7c:72:d8:f4:46:95:ff:70:f8:
19:ff:0a:55:5b:f3:b6:ac:6b:e1:b7:6b:c5:3c:63:
3c:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:EF:B3:D7:15:3A:39:C9:1C:25:55:78:4A:BC:FF:1D:CE:DC:ED:0A
X509v3 Authority Key Identifier:
keyid:02:B9:80:C1:0D:71:10:F9:1F:FF:9E:0E:CE:B6:39:D9:E7:5B:35:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ArmAwQ1xEPkf_54OzrY52edbNeI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/a8947f-e52c-4de1-bade-70c0a506d797/1/YO-z1xU6OckcJVV4Srz_Hc7c7Qo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/a8947f-e52c-4de1-bade-70c0a506d797/1/ArmAwQ1xEPkf_54OzrY52edbNeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.224.233.0/24
193.111.200.0/24
195.74.60.0/24
Signature Algorithm: sha256WithRSAEncryption
e1:53:96:58:18:dd:9a:ba:21:a6:31:fa:b7:fa:dd:32:07:2d:
66:b9:0a:ad:05:5a:e1:f9:2e:9b:2f:66:ee:bb:8b:9b:65:f6:
24:ed:53:dc:bf:12:ff:b9:3e:e8:ff:45:36:53:c4:37:87:25:
22:33:bd:78:7a:fd:26:21:89:c5:b3:6f:3b:fb:2d:0f:ef:7b:
06:99:1d:28:bf:d5:a3:1a:0d:9f:57:05:02:7d:18:d4:86:a6:
dc:d9:11:e1:94:fe:7f:27:f8:77:46:8f:ce:6f:f9:5e:19:8b:
37:d7:72:4f:c2:ec:85:36:6c:4b:3d:32:d7:ff:2b:04:ac:d7:
27:17:08:fd:6a:f2:6c:b4:a5:52:cc:98:c7:a8:bd:1c:21:11:
18:68:4a:24:db:fd:53:e8:19:ca:51:98:d3:61:62:8b:b3:b1:
f3:a3:2a:61:40:53:d9:0f:da:2c:5a:e6:f7:98:11:04:e5:a7:
64:ee:e2:2d:6c:7a:71:87:d3:1c:10:19:33:78:05:38:a0:8f:
b6:a6:2f:47:6c:85:0b:74:59:f1:58:53:86:6b:da:cb:76:3b:
be:8c:31:ec:6c:3e:a8:c1:f9:5f:11:93:d6:ef:1b:73:ed:92:
06:70:1c:6e:6e:4e:ef:91:0e:6f:32:ce:44:6d:f6:f7:39:c5:
d5:11:ff:60
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzI34CP7Gq6qZDhVmSSiOBEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyYjk4MGMxMGQ3MTEwZjkxZmZmOWUwZWNlYjYzOWQ5ZTc1
YjM1ZTIwHhcNMjQwMTAyMDYzMjE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGVmYjNkNzE1M2EzOWM5MWMyNTU1Nzg0YWJjZmYxZGNlZGNlZDBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2mQlKlV462RgYrj/iWyqNraVbL/+
V7aGXaQ/wBUwj7jxbeT5YeU2KWt1u/hmNujqWzMdAxP5n21Y6RUiOy4l+r0s8s5s
6Zkhl3pvqi71nI6JJRruZ3IvDhVjEH+VIlxTewTJwh13nOwtJYEbDatKbGrzAHJ6
pDW5Rae3+qMtziSl2jRJEiYiS/cGv3Ns0uYApmwSaFqzLX85JxTV17xYZ7nW0R02
g6ccupits1uMKdKguuVhUQgwACUCCLVf89q1bxS9zjI14XSaPQEXpZQxUoDluq/G
IiANqO4RjGcr2QfHi5zrYcJ8ctj0RpX/cPgZ/wpVW/O2rGvht2vFPGM8FQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGDvs9cVOjnJHCVVeEq8/x3O3O0KMB8GA1UdIwQY
MBaAFAK5gMENcRD5H/+eDs62OdnnWzXiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXJtQXdRMXhFUGtmXzU0T3pyWTUyZWRiTmVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi9hODk0N2YtZTUyYy00ZGUxLWJhZGUt
NzBjMGE1MDZkNzk3LzEvWU8tejF4VTZPY2tjSlZWNFNyel9IYzdjN1FvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi9hODk0N2YtZTUyYy00ZGUxLWJhZGUtNzBjMGE1MDZkNzk3
LzEvQXJtQXdRMXhFUGtmXzU0T3pyWTUyZWRiTmVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAbeDpAwQA
wW/IAwQAw0o8MA0GCSqGSIb3DQEBCwUAA4IBAQDhU5ZYGN2auiGmMfq3+t0yBy1m
uQqtBVrh+S6bL2buu4ubZfYk7VPcvxL/uT7o/0U2U8Q3hyUiM714ev0mIYnFs287
+y0P73sGmR0ov9WjGg2fVwUCfRjUhqbc2RHhlP5/J/h3Ro/Ob/leGYs313JPwuyF
NmxLPTLX/ysErNcnFwj9avJstKVSzJjHqL0cIREYaEok2/1T6BnKUZjTYWKLs7Hz
oyphQFPZD9osWub3mBEE5adk7uItbHpxh9McEBkzeAU4oI+2pi9HbIULdFnxWFOG
a9rLdju+jDHsbD6owflfEZPW7xtz7ZIGcBxubk7vkQ5vMs5Ebfb3OcXVEf9g
-----END CERTIFICATE-----
Generated at Thu May 2 09:02:53 2024 by rpki-client on console-ams.rpki-client.org